Vulnerabilities > GNU > Groff > 1.16.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-06-30 | CVE-2009-5078 | 7PK - Security Features vulnerability in multiple products contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 launches the Ghostscript program without the -dSAFER option, which allows remote attackers to create, overwrite, rename, or delete arbitrary files via a crafted document. | 6.4 |
| 2001-07-26 | CVE-2001-1022 | Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command. | 7.5 |
| 2000-12-19 | CVE-2000-0803 | Unspecified vulnerability in GNU Groff GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff. | 10.0 |